{"vulnerability": "CVE-2025-1097", "sightings": [{"uuid": "1cec2df7-dfa2-43a2-99aa-5f81a9f5ca4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.473394Z"}, {"uuid": "2c245f40-fd59-4feb-a81e-21aadfbbfe2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3llpstnb6h52n", "content": "", "creation_timestamp": "2025-04-01T02:21:54.316729Z"}, {"uuid": "b044e8f3-4244-4c49-8636-fc4faf6b4019", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/buzzleaktv.bsky.social/post/3llbt7nbtgw2u", "content": "", "creation_timestamp": "2025-03-26T12:51:21.235707Z"}, {"uuid": "914fc453-5296-439c-b85f-3afa77e05a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/sushicomabacate.com/post/3ll6wwsqkdc2t", "content": "", "creation_timestamp": "2025-03-25T09:20:01.382818Z"}, {"uuid": "25632f53-61a4-4093-9470-8d5bd6c746a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll7i4umzupb2", "content": "", "creation_timestamp": "2025-03-25T14:35:32.188430Z"}, {"uuid": "cfca67d1-7e64-4336-8816-f5dcb5dab164", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3lleslvc77v2k", "content": "", "creation_timestamp": "2025-03-27T17:18:19.943864Z"}, {"uuid": "90a29f3d-e930-4dff-8c82-6ce22e91303f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ll7jjzlnne2b", "content": "", "creation_timestamp": "2025-03-25T14:52:52.867463Z"}, {"uuid": "8eb3f70e-9747-45da-a17a-1bbf22fb3ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llam2asygc2x", "content": "", "creation_timestamp": "2025-03-26T01:10:23.864875Z"}, {"uuid": "bb6ec09e-33e4-4f75-92ff-4efb950bfdf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/cyberkendra.bsky.social/post/3lle7kfmcyk2p", "content": "", "creation_timestamp": "2025-03-27T11:37:35.077756Z"}, {"uuid": "4132e81c-3c48-460d-a261-c0c2191a3db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qr5t6uk2k", "content": "", "creation_timestamp": "2025-03-24T21:56:48.589485Z"}, {"uuid": "60babb8b-f3b9-417d-9d85-bc6acc4eda6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": 
"https://bsky.app/profile/darkwebinformer.bsky.social/post/3llf3u5tfrc2s", "content": "", "creation_timestamp": "2025-03-27T20:04:01.858257Z"}, {"uuid": "200eac32-54fa-4838-9924-73c3d7400772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qysdxh22k", "content": "", "creation_timestamp": "2025-03-24T22:01:06.482336Z"}, {"uuid": "54a66841-f9b1-4bc1-9e42-a6c2183673dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llf3uxsrzjw2", "content": "", "creation_timestamp": "2025-03-27T20:05:11.239170Z"}, {"uuid": "2efaa3ce-4d28-4d2a-9670-38600e359eec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3ll7niwkfd72l", "content": "", "creation_timestamp": "2025-03-25T16:03:51.019754Z"}, {"uuid": "c0cf558a-44c7-441f-9e50-6d813101d764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3ll7ob4476i2u", "content": "", "creation_timestamp": "2025-03-25T16:17:21.854485Z"}, {"uuid": "098def0a-30a8-48b9-9b0b-3dabebd62d7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://threatintel.cc/2025/03/26/075641.html", "content": "", "creation_timestamp": "2025-03-26T10:56:41.000000Z"}, {"uuid": 
"b358b6fc-aed4-489a-9365-8efdae68b9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114219932988801200", "content": "", "creation_timestamp": "2025-03-24T23:11:08.726158Z"}, {"uuid": "99bad67b-6046-4830-8c24-fa11a464de1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llf5xbl55gp2", "content": "", "creation_timestamp": "2025-03-27T20:41:49.755503Z"}, {"uuid": "93f6a0fa-f599-4a0a-a93b-0600208e512a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114220315428165597", "content": "", "creation_timestamp": "2025-03-25T00:48:20.403718Z"}, {"uuid": "7d98cc3e-7bda-48fb-8742-b6269442cf0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html", "content": "", "creation_timestamp": "2025-03-24T17:55:00.000000Z"}, {"uuid": "171b1000-0a6f-4df5-9696-7c9c0fe11fbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll6o7wc2ff22", "content": "", "creation_timestamp": "2025-03-25T06:44:47.100873Z"}, {"uuid": "7dd1ff71-c603-4ab6-aed3-3716f402715d", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/syklemil.snabelen.no.ap.brid.gy/post/3ll6qmm6jtli2", "content": "", "creation_timestamp": "2025-03-25T07:28:22.885240Z"}, {"uuid": "9f7ddb0f-6d63-4f79-8e95-a1b75b2cdd16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/fefesblog.skybot.party/post/3ll6qqgnhz72q", "content": "", "creation_timestamp": "2025-03-25T07:29:03.528742Z"}, {"uuid": "709c328f-bf49-4c17-bbf8-d4981b9805d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Dreadnod.social.cologne.ap.brid.gy/post/3ll6qvmgt6pa2", "content": "", "creation_timestamp": "2025-03-25T07:34:59.271789Z"}, {"uuid": "e100365a-6e24-46b0-a889-28ad4e62c599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llesaz733zp2", "content": "", "creation_timestamp": "2025-03-27T17:15:03.238075Z"}, {"uuid": "58d848a6-7fd1-4cd4-9d21-0d8da784830b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3llphyjrkem2k", "content": "", "creation_timestamp": "2025-03-31T23:07:47.734204Z"}, {"uuid": "dffb5719-54ea-4f4e-9c0d-b685e04d313b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2025-1097", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.105638Z"}, {"uuid": "ff327cc5-3d03-4bca-aa25-d44f2bed350e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.130057Z"}, {"uuid": "cc594358-c611-4e11-8522-c1844aa9b491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/elhacker.net/post/3llgtmkryoc25", "content": "", "creation_timestamp": "2025-03-28T12:41:53.230280Z"}, {"uuid": "77bb957d-7449-4b63-aefd-8fe24f34c266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55fubcs2b", "content": "", "creation_timestamp": "2025-03-29T10:37:48.841316Z"}, {"uuid": "e40fce28-6d60-41c0-abee-91127a64d3c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55hlc2k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:51.259940Z"}, {"uuid": "d3b40b1d-fef3-4438-83a9-85c06fc286f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55jd74k2b", "content": "", "creation_timestamp": 
"2025-03-29T10:37:53.687238Z"}, {"uuid": "4f6b49d6-ca97-4e73-a8de-8f4303fe72d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55ltcls2b", "content": "", "creation_timestamp": "2025-03-29T10:37:56.069198Z"}, {"uuid": "c3fb5ec4-0710-400d-89e9-f8f98c20c2b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.471462Z"}, {"uuid": "9418ff7a-e58e-479b-9b43-5de7760d6361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llulri3q7c2x", "content": "", "creation_timestamp": "2025-04-02T23:58:44.215418Z"}, {"uuid": "98391b10-3408-41e0-b19c-1b2993d48a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llvxmfxpnmt2", "content": "", "creation_timestamp": "2025-04-03T13:03:32.477808Z"}, {"uuid": "f9a9811c-f744-4263-9587-c11ab17f011a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-1097.yaml", "content": "", "creation_timestamp": "2025-04-09T17:22:03.000000Z"}, {"uuid": "5c22bf3e-7598-4484-8dbb-1025247593c9", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-05", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "18ec5c56-32d3-4696-a529-9c092bd23332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115379792545602333", "content": "", "creation_timestamp": "2025-10-15T19:18:38.173162Z"}, {"uuid": "5523f7b7-715e-4835-a49c-548a8a6ad08b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-10971", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3m6yjwalrpr2b", "content": "", "creation_timestamp": "2025-12-02T08:34:57.377890Z"}, {"uuid": "0f885f7d-581b-40b2-9763-ba70495ca937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwbwglwoxz2t", "content": "", "creation_timestamp": "2025-08-13T13:26:04.528207Z"}, {"uuid": "d569a74c-9c01-45e8-9da9-2850bc4eaccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://gist.github.com/Darkcrai86/d5391a4dc6327062b493bd576ae34de3", "content": "", "creation_timestamp": "2025-12-29T15:24:14.000000Z"}, {"uuid": "138d8be6-4a92-4d1d-913e-e8a020770363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", 
"type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5a3w2nv2s2", "content": "", "creation_timestamp": "2025-12-30T00:47:09.451307Z"}, {"uuid": "b8eb87b0-5069-4484-a6ad-13cbcd7c0650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5kmmjajw52", "content": "", "creation_timestamp": "2025-12-30T00:55:30.059304Z"}, {"uuid": "87501354-0ff7-4561-aef1-a5fdd8ca2575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5140", "content": "\u0411\u0430\u043b\u0434\u0451\u0436\u043d\u0430\u044f \u0434\u044b\u0440\u0430\n\n\u042f \u043d\u0435 \u0441\u043c\u043e\u0433\u0443 \u0432\u0441\u0451 \u0443\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432 \u043f\u043e\u0441\u0442, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0447\u0435\u0441\u043a\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043f\u0440\u043e\u0439\u0442\u0438 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c. \u0414\u0435\u043c\u043a\u0443 PoC'\u0430 \u043f\u0440\u0438\u0446\u0435\u043f\u0438\u043b \u043a \u043f\u043e\u0441\u0442\u0443.\n\ntl;dr \nOver 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover\n\nWiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. 
Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover.\n. . .\nThe Vulnerability  \nIngress NGINX deploys an admission controller within its pod, designed to validate incoming ingress objects before they are deployed. By default, admission controllers are accessible over the network without authentication, making them a highly appealing attack vector. \n\nWhen the Ingress-NGINX admission controller processes an incoming ingress object, it constructs an NGINX configuration from it and then validates it using the NGINX binary.  Our team found a vulnerability in this phase that allows injecting an arbitrary NGINX configuration remotely, by sending a malicious ingress object directly to the admission controller through the network.  \n\nDuring the configuration validation phase, the injected NGINX configuration causes the NGINX validator to execute code, allowing remote code execution (RCE) on the Ingress NGINX Controller\u2019s pod. \n\nThe admission controller\u2019s elevated privileges and unrestricted network accessibility create a critical escalation path. Exploiting this flaw allows an attacker to execute arbitrary code and access all cluster secrets across namespaces, that could lead to complete cluster takeover.\n. . .\nMitigation &amp; Detection\n\nFirst, determine if your clusters are using ingress-nginx. In most cases, you can check this by running kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx with cluster administrator permissions.\n\nThis vulnerability is fixed in Ingress NGINX Controller version 1.12.1 and 1.11.5. We strongly recommend that cluster admins: \n\n- Update to the latest version of Ingress NGINX Controller. \n\n- Ensure the admission webhook endpoint is not exposed externally. \n. . 
.\nFrom Configuration Injection to RCE \n\nWith a reliable file upload to Ingress NGINX Controller\u2019s pod, we can now put it all together to exploit this issue into a full-blown Remote Code Execution. \n\nThe exploit works as follows: \n\n- Upload our payload in the form of a shared library to the pod by abusing the client-body buffer feature of NGINX \n\n- Send an AdmissionReview request to the Ingress NGINX Controller\u2019s admission controller, which contains any one of our directive injections \n\n- The directive we inject is the ssl_engine directive, which will cause NGINX to load the specified file as a shared library \n\n- We specify the ProcFS path to the file descriptor of our payload \n\n- If everything goes well, our shared library is now loaded, and we execute code remotely \nIngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n+\nAVD-KSV-0041 - Ingress Controller - Cluster Role Allowing Access To All Secrets\nhttps://github.com/kubernetes/ingress-nginx/issues/10778\n\nissue \u0431\u044b\u043b\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 (\u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043f\u0435\u0440\u0435\u043e\u0442\u043a\u0440\u044b\u0442\u0430), \u0430 \u043f\u043e \u0444\u0430\u043a\u0442\u0443 Wiz \u0437\u0430\u0440\u0435\u043f\u043e\u0440\u0442\u0438\u043b \u0431\u0430\u0433\u0438 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0442\u043e\u043b\u044c\u043a\u043e. 
\u0412\u043e\u0442 \u0438 \u0434\u0443\u043c\u0430\u0435\u043c \ud83c\udf1d", "creation_timestamp": "2025-03-25T08:54:56.000000Z"}, {"uuid": "4b5b50e9-5922-423d-bc30-ad16dc8c0995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8576", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1097\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A security issue was discovered in  ingress-nginx https://github.com/kubernetes/ingress-nginx  where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)\n\ud83d\udccf Published: 2025-03-24T23:29:05.879Z\n\ud83d\udccf Modified: 2025-03-24T23:29:05.879Z\n\ud83d\udd17 References:\n1. 
https://github.com/kubernetes/kubernetes/issues/131007", "creation_timestamp": "2025-03-25T00:25:22.000000Z"}, {"uuid": "e728582e-d080-49f8-a866-c1461d43b323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_News/2541", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974)\nLink: https://darkwebinformer.com/poc-code-to-exploit-the-ingressnightmare-vulnerabilities-cve-2025-1097-cve-2025-1098-cve-2025-24514-and-cve-2025-1974/", "creation_timestamp": "2025-03-27T20:04:08.000000Z"}, {"uuid": "a25c3e91-459b-4477-bdbb-1ebf83b3334d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "Telegram/QMJRspa-u4nazI8zKkYrcrzsCPEt_TjOqyMhuWOLygoVcg", "content": "", "creation_timestamp": "2025-03-25T01:46:01.000000Z"}, {"uuid": "d424f186-d77a-49de-ac7c-42d19d2fd89d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "Telegram/S8evqPLoGvKFCYHeTINL4ie15PDtB1zbRa6NYmcOYj_DCuM", "content": "", "creation_timestamp": "2025-03-27T08:00:07.000000Z"}, {"uuid": "dc619659-7752-4ada-89df-5c2912429d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "Telegram/qtf5UlSjl8ansax6HEFOWjNwUYd29vo_Y6ok0vpVyjxeaHc", "content": "", "creation_timestamp": "2025-03-30T17:00:07.000000Z"}, {"uuid": 
"5ccd531d-4f6a-4e9f-8fcb-b3fdf06e6a1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4caupn2e", "content": "", "creation_timestamp": "2025-04-11T21:02:24.412916Z"}, {"uuid": "355dad85-34d0-4ae0-9635-08e229792aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lsef3xlyl52n", "content": "", "creation_timestamp": "2025-06-24T15:13:05.717224Z"}, {"uuid": "68ec33ea-5348-4237-a060-f135e59e97f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-10971", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/115649052276359191", "content": "", "creation_timestamp": "2025-12-02T08:34:55.576101Z"}, {"uuid": "a833c7fa-54d8-485e-9170-0f64c9bebf6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "eb8f9ffa-1323-4fd0-973f-43647d7dbc54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://t.me/cvedetector/21023", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1097 - Kubernetes Ingress-Nginx Arbitrary Code Execution and Secret Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-1097 \nPublished : March 25, 2025, 12:15 a.m. 
| 1\u00a0hour, 15\u00a0minutes ago \nDescription : A security issue was discovered in  ingress-nginx   where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T02:46:11.000000Z"}, {"uuid": "af9ce209-dc15-4e33-9fdc-24514c2beedd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://t.me/bizone_channel/1794", "content": "\ud83e\udd65 BI.Z\u041eNE WAF \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Kubernetes \u2014 Ingress Nightmare\n\n\u041d\u0430\u0439\u0434\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 ingress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u00a0\u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. 
\u041d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Ingress Nightmare.\n\nCVE-2025-1974, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0443\u044e \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9,8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0430\u0442\u0430\u043a\u0438: CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098.\u00a0\n\n\u041f\u0435\u0440\u0432\u0438\u0447\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 Ingress NGINX Controller, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u043c NGINX \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Kubernetes Admission Controllers \u2014 \u044d\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a API-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 Kubernetes.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2025-1974 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Ingress Nginx \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 AdmissionReview.\u00a0\n\n\u041f\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b BI.Z\u041eNE WAF, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u044f\u0434\u043a\u0430 43% \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 
\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\u00a0\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 ingress-nginx v1.11.5 \u0438 1.12.1.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043e\u0442 CVE-2025-1974 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f BI.ZONE WAF.\u00a0\u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 AdmissionReview, \u0447\u0442\u043e \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0434\u0430\u043b\u044c\u0448\u0435.\n\n\u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 BI.ZONE CPT.", "creation_timestamp": "2025-03-28T15:08:59.000000Z"}, {"uuid": "85750176-f277-44d2-bd0a-07dd30df78c0", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "Telegram/otAoaF9HglqRlYurEeGfVVpj7vUDLPFmRTv87nx_aQ9uiE0", "content": "", "creation_timestamp": "2025-03-27T04:00:06.000000Z"}, {"uuid": "4ee18e73-72bd-4dd7-9fea-e291c1298d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:59.000000Z"}, {"uuid": "6936fd21-2d18-453a-b1d7-2cd92a84a49d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://www.cert.at/de/warnungen/2025/3/kubernetes-ingress-nginx-controller-vulnerabilities", "content": "", "creation_timestamp": "2025-03-26T13:31:21.000000Z"}, {"uuid": "6c95209a-a2e6-4926-9bc1-a341bef6a7b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://bsky.app/profile/exploitdb-bot.bsky.social/post/3mdzycw4kpe2p", "content": "", "creation_timestamp": "2026-02-04T13:31:11.795319Z"}, {"uuid": "0b938e0b-3fc1-4290-8fb8-b22add6e9c02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2025-10970", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mfc647jmjh2s", "content": "", "creation_timestamp": "2026-02-20T13:01:19.773038Z"}, {"uuid": "be5fbce0-2651-47d0-9348-5d9ba24ca556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/84edafcd-42a7-4c30-96f8-87de8e73e1ab", "content": "", "creation_timestamp": "2025-03-25T10:40:57.259809Z"}, {"uuid": "13ac4334-19f2-4156-b04b-c21af5ab3df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/27241", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aIngressNightmare-PoC\uff1a (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974)  PoC \uff0cOne-click script \u3002 \u4e00\u952e\u811a\u672c \nURL\uff1ahttps://github.com/lufeirider/IngressNightmare-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-30T08:35:01.000000Z"}, {"uuid": "c7ce7266-9255-4d8b-91d2-b22addd15059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://t.me/itsec_news/5595", "content": "\u200b\u26a1\ufe0fIngressNightmare: \u043d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 Ingress-Nginx \u0432\u0435\u0434\u0451\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0432\u0437\u043b\u043e\u043c\u0443 Kubernetes\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Wiz \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 admission controller \u0443 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 Ingress-Nginx 
\u0434\u043b\u044f Kubernetes. \u041e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c. \u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 6 500 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500.\n\nIngress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0432 Kubernetes \u0441\u043b\u0443\u0436\u0430\u0442 \u0441\u0432\u044f\u0437\u0443\u044e\u0449\u0438\u043c \u0437\u0432\u0435\u043d\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043c\u0438\u0440\u043e\u043c \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. 
\u041e\u043d\u0438 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u044b \u2014 \u043f\u0440\u0430\u0432\u0438\u043b\u0430, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0435, \u043a\u0430\u043a\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 HTTP/S-\u0442\u0440\u0430\u0444\u0438\u043a \u043a\u0443\u0434\u0430 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d. Ingress-Nginx \u2014 \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Nginx. \u041e\u043d \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0432 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b Nginx \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a \u0432 \u043d\u0443\u0436\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u043a\u0430\u043a Ingress-Nginx \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. 
\u041e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0437\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f admission controller. \u041f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430 \u043e\u043d \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e Nginx \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0451\u0442 \u0435\u0451 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0431\u0438\u043d\u0430\u0440\u043d\u043e\u043c\u0443 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440\u0443. \u0418\u043c\u0435\u043d\u043d\u043e \u0437\u0434\u0435\u0441\u044c \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430: \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u044f\u043c\u043e \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u043e\u0434\u0430, \u0433\u0434\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440.\n\n\u041e\u0441\u043e\u0431\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u043e, 
\u0447\u0442\u043e admission controller \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0438\u043c\u0435\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u043c \u0438\u043c\u0435\u043d (namespace) \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0443 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434, \u043d\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u2014 CVE-2025-1974 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8). 
\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u043d\u044b\u0439 ingress-\u043e\u0431\u044a\u0435\u043a\u0442. \u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2025-1097 , CVE-2025-1098 \u0438 CVE-2025-24514 \u2014 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8.8 \u0431\u0430\u043b\u043b\u043e\u0432. \u0421\u0430\u043c\u0430\u044f \u00ab\u043b\u0451\u0433\u043a\u0430\u044f\u00bb \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u2014 CVE-2025-24513 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 4.8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. Wiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043e \u043d\u0430\u0445\u043e\u0434\u043a\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 2024 \u0433\u043e\u0434\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b 10 \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0438\u0441\u044c. 
\u0423\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Ingress-Nginx \u2014 1.12.1 \u0438 1.11.5 \u2014 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0440\u0438\u0441\u043a, \u0447\u0442\u043e \u043d\u0435 \u0432\u0441\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u043e\u0431\u043d\u043e\u0432\u044f\u0442 \u0441\u0432\u043e\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b. Kubernetes \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0435\u0439. 
\u0412 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 Wiz \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 admission controller \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043a \u043d\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0432 \u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b Kubernetes API Server.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-25T10:16:07.000000Z"}, {"uuid": "164d5b50-4aca-41d3-ad8e-2bbf6c224319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/15432", "content": "\ud83d\udea8PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974)\n\nhttps://darkwebinformer.com/poc-code-to-exploit-the-ingressnightmare-vulnerabilities-cve-2025-1097-cve-2025-1098-cve-2025-24514-and-cve-2025-1974/", "creation_timestamp": "2025-03-27T21:03:44.000000Z"}, {"uuid": "1cfeaa0a-745e-4422-bf4e-1d129de9647b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://t.me/true_secator/6873", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 
\u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 Ingress NGINX \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0438\u0441\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 \u0438 CVE-2025-1974 \u0438 \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 IngressNightmare, \u0432\u043b\u0438\u044f\u044f \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 Ingress NGINX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430.\n\n\u041f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e Ingress-NGINX - \u044d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 
\u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c Kubernetes.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Wiz, 41% \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0432\u044b\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Ingress NGINX.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, 43% \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434 \u0438\u043c\u0435\u044e\u0442 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043e\u0434\u0438\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440, \u0430 6500 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500, \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0432\u044b\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\nIngressNightmare \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 
\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0432\u0445\u043e\u0434\u0430 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u0420\u0438\u0441\u043a \u0430\u0442\u0430\u043a \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043f\u043e \u0441\u0435\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\u00a0\n\n\u041a\u043e\u0433\u0434\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043f\u0443\u0441\u043a\u0430 Ingress-NGINX \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u043e\u043d \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0438\u0437 \u043d\u0435\u0433\u043e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e NGINX, \u0430 \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0435\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 NGINX.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Wiz \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0430 \u044d\u0442\u043e\u043c 
\u044d\u0442\u0430\u043f\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e NGINX, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f NGINX \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440 NGINX \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c RCE \u043d\u0430 \u043c\u043e\u0434\u0443\u043b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress NGINX.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IngressNightmare \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u043c\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u0445 \u0438\u043c\u0435\u043d, \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0446\u0435\u043b\u0435\u0432\u044b\u043c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c Kubernetes.\n\nIngress NGINX - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u043c\u0438 \u043c\u0438\u0440\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c\u0438 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 - \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0418\u0418 \u0434\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0433\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e 
\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Kubernetes \u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0432\u0441\u0435\u0445 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u0431\u0435\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b.\n\nWiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0432\u043e\u0438\u0445 \u0432\u044b\u0432\u043e\u0434\u0430\u0445 Kubernetes \u0432 \u043a\u043e\u043d\u0446\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0438 \u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430. 
\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Ingress NGINX Controller 1.12.1 \u0438 1.11.5, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0448\u043b\u0438 \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a.\u00a0\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u043b\u0438 \u0436\u0435 \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u0435\u0440 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u043c \u0434\u043e\u043f\u0443\u0441\u043a\u0430: \u043b\u0438\u0431\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 \u0435\u0433\u043e, \u043b\u0438\u0431\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c API Kubernetes.\n\nKubernetes, Google Cloud \u0438 Microsoft \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c IngressNightmare\u00a0(1, 2 
\u0438 3 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e).", "creation_timestamp": "2025-03-26T10:39:04.000000Z"}, {"uuid": "cd6ed5db-f27c-40ac-b718-5186626fe9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-1097", "type": "seen", "source": "https://t.me/cultofwire/1333", "content": "Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication\n\n\u041d\u0430\u0447\u043d\u0438\u0442\u0435 \u0441\u0432\u043e\u0451 \u0443\u0442\u0440\u043e \u0441 \u0447\u0430\u0448\u043a\u0438 \u043a\u0440\u0435\u043f\u043a\u043e\u0433\u043e CVSS 9.8 \u0432 Ingress NGINX Controller \u0434\u043b\u044f Kubernetes.\n\n\u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 \u0438 CVE-2025-1974) \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u0434\u043e\u0432\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. 
\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 NGINX Ingress Controller, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress \u0434\u043b\u044f NGINX \u0438 NGINX Plus.\n\n\u041a\u043e\u0440\u043e\u0442\u043a\u043e \u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445:\n- CVE-2025-24513 (CVSS: 4,8) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a directory traversal \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n- CVE-2025-24514 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-url \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1097 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-tls-match-cn \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, 
\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1098 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u0438 Mirror-Target \u0438 Mirror-Host Ingress \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1974 (CVSS: 9,8) \u2014 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043f\u043e\u0434\u043e\u0432 (pod network), \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u043f\u0440\u0438 
\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\nWiz \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c\u044e IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u0438 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438.", "creation_timestamp": "2025-03-25T07:19:59.000000Z"}]}